The queryCertificate command uses an implementation class that is passed to communicate with a certificate authority (CA) server and query a certificate.
The queryCertificate command checks to see if the certificate is complete. If the certificate is complete, then the CA certificate is stored in the client keystore. If the certificate is not complete, the certificate request remains in the keystore and the queryCertificate command can be called at some later time to determine if the certificate is complete.
Issue the command from the profile_root/bin directory.
The command syntax is as follows:
queryCertificate.sh -host<caHost> -port<caPort> -username<caUserName> -password<caPassword> -alias<certificateAlias> -keystoreAlias<keystoreAlias> -pkiImplClass<customCAClient>[options]
queryCertificate.bat -host<caHost> -port<caPort> -username<caUserName> -password<caPassword> -alias<certificateAlias> -keystoreAlias<keystoreAlias> -pkiImplClass<customCAClient> [options]
queryCertificate.sh -host<caHost> -port<caPort> -username<caUserName> -password<caPassword> -alias<certificateAlias> -keystoreAlias<keystoreAlias> -pkiImplClass<customCAClient>[options]
queryCertificate -host<caHost> -port<caPort> -username<caUserName> -password<caPassword> -alias<certificateAlias> -keystoreAlias<keystoreAlias> -pkiImplClass<customCAClient>[options]
The following options are available for the queryCertificate command:
The following example performs a queryCertificate:
queryCertificate.sh -host localhost -port 1077 - username pkiuser -password webspherepki -alias C:\opt\WebSphere\AppClient\ etc\certReq26924.req -keyStoreAlias ClientDefaultKeyStore CWPKI0403I: Trace is being logged to the following location: C:\opt\WebSphere\AppClient\logs\caClient.log CWPKI0418E: The following error occurred while querying the CA for a signed certificate: CWPKI0463I: Action "query" not supported by this implementation.
C:\opt\WebSphere\AppClient\bin>queryCertificate.bat -host localhost -port 1077 - username pkiuser -password webspherepki -alias C:\opt\WebSphere\AppClient\ etc\certReq26924.req -keyStoreAlias ClientDefaultKeyStore CWPKI0403I: Trace is being logged to the following location: C:\opt\WebSphere\AppClient\logs\caClient.log CWPKI0418E: The following error occurred while querying the CA for a signed certificate: CWPKI0463I: Action "query" not supported by this implementation.
queryCertificate.sh -host localhost -port 1077 - username pkiuser -password webspherepki -alias C:\opt\WebSphere\AppClient\ etc\certReq26924.req -keyStoreAlias ClientDefaultKeyStore CWPKI0403I: Trace is being logged to the following location: C:\opt\WebSphere\AppClient\logs\caClient.log CWPKI0418E: The following error occurred while querying the CA for a signed certificate: CWPKI0463I: Action "query" not supported by this implementation.
queryCertificate -host localhost -port 1077 - username pkiuser -password webspherepki -alias C:\opt\WebSphere\AppClient\ etc\certReq26924.req -keyStoreAlias ClientDefaultKeyStore CWPKI0403I: Trace is being logged to the following location: C:\opt\WebSphere\AppClient\logs\caClient.log CWPKI0418E: The following error occurred while querying the CA for a signed certificate: CWPKI0463I: Action "query" not supported by this implementation.